Dns-operations mailing list

[Philipp Schafft <lion AT lion.leolix.org>]

reflum,

On Sat, 2013-07-13 at 19:35 -0600, Jeff Taylor wrote:
> OK, the new IP looks good from here.  Nope that it is answering with
> your BIND version number, that could be a potential security risk.

Jup. I know about that.
Thanks for the first test.

> As far as changing the IP of NS4 in the opennic records, let me know
> when you are ready to go live, and I will make the change.

Ok. Thank you.


> For your config of all the opennic zone, we now have all the tier-1
> servers renumbered as NS1 through NS10.  You should be able to list all
> of those as masters for every TLD.  The zone dns.opennic.glue is hosted
> by NS0, so you can also include that server, along with the other tier-1
> servers.

Ok. I wasn't sure as this change a bit over the years and we lately had
some 'avoid server XXX it has a bad serial' problems. Will update thet
config like that.


> Are you still not using our root zone on this new server? 

Correct. We tried to set it up with views so we can handle this a bit
better but that failed.

> I'm actually
> wondering, since changes are being made, should we consider treating
> .fur as a peer instead of an opennic-hosted TLD?

Oh, I always considered it a very close peer. and I would like to keep
it this way as it worked well as of my POV.


> If so, we would drop
> the NS4 designation all together...  I don't know, its just a thought.

I would like to keep it in the OpenNIC namespace. For example not to
loose such easy rules as 'all tier-1 work as master'.

If needed we can consider another solution beside views. Maybe I can set
up another instance of bind that is fully (and only) OpenNIC conform and
works as bridge.

Yet I would like to delay that to next month so we can move servers
first and then add more new workarounds ;)

Thank you for your Support.

-- 
Philipp.
 (Rah of PH2)

Attachment: signature.asc
Description: This is a digitally signed message part